<?php
/**
 * Created by PhpStorm.
 * User: cqfut
 * Date: 2018/10/31
 * Time: 12:36
 * 校验csrf
 */
  @session_start();
  if( $_SERVER['REQUEST_METHOD']=='POST'  ){
      if (isset($_SESSION['csrf_keys'])
          && is_array($_SESSION['csrf_keys'])
          && isset($_POST['csrf'])
          && in_array($_POST['csrf'],$_SESSION['csrf_keys'])
      ){

      }else{
          echo "<!-csrf check failed->";
          exit(1);
      }
  }
